Posted
by
samzenpuson Thursday February 27, 2014 @08:42PM
from the most-private-of-messages dept.

An anonymous reader writes in with news about a new anonymous instant messenger client on the way from Tor. "Forget the $16 billion romance between Facebook and WhatsApp. There's a new messaging tool worth watching. Tor, the team behind the world's leading online anonymity service, is developing a new anonymous instant messenger client, according to documents produced at the Tor 2014 Winter Developers Meeting in Reykjavik, Iceland."

It would be better to call it "not traceable".Here the meaning of "anonymous" being that NSA can't tie an actual identity to the peers of a chat (by using the already well tested Tor network), and that they can't eavesdrop into the conversation (by using the already well tested OTR standard).

i.e.: Bob1983 and Alice_696969 happily chat to each other about how much they dislike the current political situation in Kiev or brainstrom about better methods to circumvent the Chinese Great Firewall.

More appropriately, some random, anonymous Internet entity will be able to communicate with you. Of course, the NSA will know who that entity is, so they are really only keeping their identity secret from you. Pretty much like all that spam email that you receive now.

If I want to keep something secret from the US, I'll just use ICQ, since it's owned by russians. Of course, the downside of using ICQ in 2014 is that my messages will stay too confidential for the purposes of communicating.

Are you kidding me? You don't think the US and Russia share intelligence? (And that's assuming the US hasn't hacked ICQ.)

International espionage isn't like a child's playground, where you're either friends or foes. You cooperate when it's in your interest, and you don't when it's not. Why would it not be in the FSB's best interest to allow the NSA to tap ICQ, particularly for identified individuals, and especially if the NSA reciprocates in kind.

Tor? The 'dark net' who's largest nodes are run by the NSA doing traffic analysis? That Tor?

The one that brought down silkroad?

Nope wrong wrong and wrong.

Tor is has had about very few highly throttled node running on amazon cloud for a couple of weeks run by the NSA according to head TOR developer Jacob Applebaum at 30c3 about a month ago. Additionally the NSA's own documents released by Edward Snowden showed that the NSA can't break current TOR releases.

Secondly silkroad was brought down by Dread Pirate Roberts mixing his darknet identity and his clearnet identity by using the same email address and handles. Another break in the case was when a package with fake ID's was intercepted at a Canadian border check.

"Secondly silkroad was brought down by Dread Pirate Roberts mixing his darknet identity and his clearnet identity by using the same email address and handles. Another break in the case was when a package with fake ID's was intercepted at a Canadian border check."

Maybe. It's also possible that those pieces of evidence were discovered _after_ some other, illegal methods were used. It's called parallel construction, and it's regularly employed to launder chains of evidence for trial.

It's also possible that those pieces of evidence were discovered _after_ some other, illegal methods were used.

Except that, in this case it wouldn't have required any *illegal* method (1) (2).It would have required method which go against anything that is currently known in cryptography.

The cryptographic methods which form the basis of Tor are sound and unbroken as of yet.Tor is sufficiently well designed to avoid bugs and exploits that might lead to leaks (Side-channels, etc.)To actual crack Tor open, you need to beat modern cryptography.And the NSA doesn't have a monopoly on brains, and modern research is (as alwa

How did you reach this conclusion? The guy has been a lying "me-too" since at least 14. Anyone who grew up with him knows how full of shit he is. He also is just a fucking cheerleader, can't code for shit. Look at his commits.

Looks like we got ourselves a JTRIG attack here. What is JTRIG?

As reported on earlier on slashdot;

Advocatus Diaboli writes with this excerpt from an article by Glenn Greenwald on the pervasiveness of shills poisoning web forums: "One of the many pressing stories that remains to be told from the Snowden archive is how western intelligence agencies are attempting to manipulate and control online discourse with extreme tactics of deception and reputation-destruction. It's time to tell a chunk of that story, complete with the relevant documents..... Among the core self-identified purposes of JTRIG are two tactics: (1) to inject all sorts of false material onto the Internet in order to destroy the reputation of its targets; and (2) to use social sciences and other techniques to manipulate online discourse and activism to generate outcomes it considers desirable. To see how extremist these programs are, just consider the tactics they boast of using to achieve those ends: 'false flag operations' (posting material to the Internet and falsely attributing it to someone else), fake victim blog posts (pretending to be a victim of the individual whose reputation they want to destroy), and posting 'negative information' on various forums." I guess Cryptome was right. Check out the the training materials provided to future forum spies.

Where is a more recent credible assessment of adversary capabilities specifically to the TOR network?

The fact that NSA dosn't have a monopoly on brains. The fact that research is done by advancing previous research (and rarely appearing out of the blue), and universities have access to the same historical previous research that secret researcher hidden in the NSA do.

And despite this, none of the academics working on it has been able to demonstrate any actual failure of principles behind Tor.There *is* a prestige incentive to be the first research group to demonstrate an actual good failure. But until now,

The most obvious attack is control of a majority of the network, and of course correlations attacks which require access to many ISPs.

The *owning* itself might be achievable (and even that is going to be complicated because you need to own significantly more than other governments trying to achieve the same and non-governmental legitimate users)

*BUT* even then extracting any meanfingful data is complicated. The more people use tor for anything else beside what you're targetting, the higher the noise level among which you're searching for signal, and thus the lower significance of anything you might try to analyse.Beyond some point

No Navy intelligence wrote the original tor software they then open sourced it and gave it to the community. It is now run by the TOR project most of the members of which are regularly harassed and spied on by the US government. Jaccob Applebaum head developer had is flat broken into and computers tampered, another tor developer, Andrea Shepard, have had her computer she ordered via amazon "redirected" mid shipment to NSA facilities in Alexandria Virginia. TOR devs have been pressured by homeland and have

Apparently, nobody on this thread understands what 'traffic analysis' means. Nor how it was used to track dread pirate roberts location (also the Chester that was busted a week or so prior to DPR).

Tor is still secure, provided you don't send or receive a lot of data. If you send or receive a lot of data, traffic analysis will lead the feds to your physical location, they will own your server. After that you are as good as busted.

Thinking back to the way the UK looked at all calls into Ireland, the private US telephone services kept call data for generations... to Snowdens
GCHQ's Tempora http://en.wikipedia.org/wiki/T... [wikipedia.org] news... if your message exits the UK, goes on a global trip and re enters the UK, putting the start and end ip together would not be hard work:)

That's actually their plan:- Use Tor for network anonymity- Use OTR for content protection.

And they also have a 3rd step:- Use the open source InstantBird. It's opensource so it's possible to make it secure.(basically, yet another chat system that relies on Pidgin's libPurple. Like Adium and co)(except that one runs on mozilla's xul, so there some code share with firefox, the other software that is bundled next to tor in their bundle)

And probably (not mentioned yet but likely to happen):- Deploy some Jabber

Did you know EVERY IM service commonly in use requires your text messages to pass through their servers, before they reach the recipient?

One can debate 'commonly used', but regardless there are options to either avoid that, or endpoint encryption so it wont really matter if you do pass thru a 3rd party server along the way. One option is Jabber.

The big software and telco firms seem to offer decrypt as a default to their own security services via a simple 'letter'.
The small.com/open source efforts might work for keeping your message safe but the surrounding ip would stand out as to 'why'.
Re why there aren't more apps that can encrypt your voice during a call?
Why where so few encryption machines offered with hardware safe from the NSA and GCHQ in the 1950-80's?
Standards and price.
So in 2014 using a big software or telco firms offerings or bee

The real question, however, is why every user effectively engaged in P2P communication (like webchat, IM, or Skype), allows a man-in-the-middle attack to collect and process their personal data, when the ONLY useful aspect of the service is connecting the users together in the first place.

Apparently, because doing that is patented. No, really! Apple tried it with Facetime, and got sued by a troll*, VirnetX. Initially that's how Facetime worked, Apple's servers authenticated you and connecting you together, but then the 2 devices connected directly for the content of the video/call, not through Apple's servers. They lost a $368million verdict and they were forced to change it so everything has to get relayed through their servers.

Tor users are being attacked by government agencies and those whom haven't followed the advice of the project are becoming victims of there own stupidity. It has nothing to do with Tor having backdoors in it. Neither the Tor Browser Bundle nor Tails were vulnerable to the attacks by governments agents for users who maintained there system and updated daily.

Now the freedom hosting bust may have been different. I don't think we know in regards to that bust how the guy in charge of freedom hosting got caught.

Okay, first off, the nature of instant messaging is such that you can't truly have an anonymous system. After all, while "the network" may not know Alice, Bob, and Carole, the three of them must know each other and be able to distinguish between them...otherwise you've simply got ChatRoulette and the purpose of IM is largely moot.

Retroshare provides fully decentralized IM, pseudo-email, and file transfers. It's a wonderful tool in this regard. It solves the problem of $IM_SERVICE keeping a record of your chats, because there isn't one. It solves the problem of packet sniffing, because it's all PGP based and thus there is no such thing as an unencrypted packet that enters or leaves the software. It solves the problem of needing a server, because everyone is a peer. All of the things that this Tor program seems to solve, has already been solved, and then some. "Well then,why doesn't everyone use it?" Well, the nature of Retroshare makes it difficult to gain critical mass. You have to understand, at some level, how PGP works - instead of a 'friend request' with that person's actual name, you get to share public keys to 'add' them. This is fine and dandy, but opens up a few new problems. First, even cutting-and-pasting something the size of a PGP key and then reciprocating it to the other person is going to cause the eyes of most people to glaze over. Second, you'll need to exchange keys somehow; if you're e-mailing keys back and forth, most people would say "...so just e-mail the damn message". This is where the file sharing half comes into play, since users can trade files directly without having to do much else. However, with Dropbox/Gdrive/1Drive/etc making transfers stupid simple, the practical application for Retroshare in the eyes of Facebook Chat and Whatsapp users starts to wane significantly when put up against "use an already-functional communication medium to do a PGP exchange that will facilitate another communication medium." Bonus points for Retroshare being a smidge petulant when it comes to port forwarding, and not having a mobile version for any platform.

Conversely, we have IRC. it's ancient, and the UI of mIRC doesn't jive well with the Instagram crowd, but anyone with some semblance of tech skills can run an IRC server. Set that up with SSL and your communications are encrypted, with nothing more than a generic handle to identify you with. The problem is that you'll need someone who can set up such a protected server, and by definition, you have a single point of failure. IRC's other failure (which may apply to Retroshare as well) vs Tor is that IRC does involve IP addresses, so you'll still need a proxy of some kind (or Tor itself) to obfuscate that little nugget.

Tor routing communications through other users as a part of the protocol is the one problem it solves. Secure transmission of text-based messages has been solved pretty well already, "Anonymous IM" is an oxymoron based on the fact that IM in itself usually assumes a prior relationship of some kind between the two parties, and even if it didn't, each user will need *some* sort of unique identifier to ensure that Alice gets messages meant for her, Bob gets his, and Carole gets hers.

Retroshare's problem is that it sucks donkey balls. I tried setting it up with a friend swapping PGP keys - that part wasn't so hard, but setting up a private share my friend he couldn't download at 1/10th the speed I can through HTTPS/SFTP/FTPS/any other secure file transfer mechanism. I don't know what they're doing wrong but it just seemed utterly amateurish so I uninstalled it and hasn't given it a second look since.

TOR not only attract the watchers with black helicopters and black vans, it's said to be vulnerable to timing attacks esp. by those same entities with extremely large means. So why isn't this news about anonymous IM on a garlic routing network or something?, either switch to a new network or upgrade TOR and call it TOR 2.0 or TOR 1.1 or something but please, something has to be done.

TOR not only attract the watchers with black helicopters and black vans, it's said to be vulnerable to timing attacks esp. by those same entities with extremely large means. So why isn't this news about anonymous IM on a garlic routing network or something?, either switch to a new network or upgrade TOR and call it TOR 2.0 or TOR 1.1 or something but please, something has to be done.

Why the hell you feel your software could ever protect you from the NSA is beyond me. We used to be worried about script kiddies and malware delivered via spam. Now, all we worry about is if our software is unbreakable by a State-sponsored agency with billions of dollars, hundreds of personnel, millions in computing resources, and no laws to follow. Even if someone claimed it was unbreakable, I'd love to know how the hell they're going to prove it.

it's said to be vulnerable to timing attacks esp. by those same entities with extremely large means. So why isn't this news about anonymous IM on a garlic routing network or something?, either switch to a new network or upgrade TOR and call it TOR 2.0 or TOR 1.1 or something but please, something has to be done.

There are networks that protect against timing attacks, but the nature of the protection makes them unsuitable for IM or other near-realtime communication. Basically, they operate by having nodes s

You could certainly call it "TOR 2.0" IF you assume a general trend to using darknets for most networking. This is because even while I2P can handle full bittorrent and comes with a decentralized messenger, exit nodes (outproxies) are the exception... I2P is designed to be used mainly between I2P users.

I should have been clearer in my wording - I wished for TOR to evolve, or for attention to shift to another network e.g. the network you're speaking of. I thought that maybe that new IM client should have been announced for I2P.Then again TOR has the users and I suppose speed and latency for it.Can I just run TOR without ever leaving TOR?

You're friends with some dude and some dude. Some dude's pretty cool, but some dude keeps posting goats.cx pictures on your news page. You keep trying to unfriend him, but you keep accidentally unfriending some dude instead. Some dude offered to sell you weed but when you tried to take him up on it and asked him where to send your money, he accused you of being a cop and unfriended you. You put up with it because it's still less annoying than Facebook.

Its called I2P-Bote, a messaging system based on DHT. Its a part of I2P which is included in the TAILS distro along with Tor.

Once the I2P bittorrent clients experimented with DHT and succeeded, some people figured they could pull off a messenger that was truly decentralized.

And speaking of decentralization, Tor's underlying protocol and topology may not have enough of it to remain viable for too long. OTOH, I2P users contribute to routing bandwidth by default, and nodes recognize each others' contribution t

More than anywhere else, this is not a problem geeks alone can solve. The perfect chat client is worthless if none of your friends use it. WhatsApp was huge because everyone used it - network effect.

So Tor - yes, definitely a good step. But you need a good client, ease-of-use is as important as cryptography, and details such as automatically finding your friends who also use it. Threema has a nice solution for that with their hashed address books.

A single system can be hacked, a single OS has bugs, a single app has backdoors, a single protocol has explots etc etc

Use LESS popular services in combination with layers of security. For instance; You can use the Tor Network to SSH into a proxy to tunnel chat with pidgin & OTR plugin. If you're even more paranoid assume your OS is already hacked, use some exotic image like Qubes, create temporary destructible VMs to carry information...there are options and many of them make basic functionality a nightmare.

If you really care that much about having your idle chitchat being "secure" you can always assume everything is being listened to. Good old fashion message encryption is probably much better than a special app.

I am quite happy there's more focus on security but let's be serious here, Tor is a target for snoops. they will find a way in because they already proved they can.

I think the idea here is to be able to say "hello world" to your Tor proxy, and have it communicate with the network such that "n" recipients get the message, but no one knows that you just did that, and definitely don't know what you just said. You don't know who or where those recipients are, you don't know anything about them, other than you're communicating with them.

If you imagine a way where I can tell you I'm on the Tor Chat Net - I don't tell you anything about myself, but instead I generate some so

Honestly, unless you build it yourself, how do you know it's doing what it says it's doing? The client is on iOS or Android? Wasn't there a story this week about about a key logging exploit for iOS? It may not matter that it's secure if there's a better attack vector on a device. Personally, I would never take a claim for security seriously, you're better off using whatever flawed IM service is out there already and just treat every message as a public broadcast.